<?php
require_once './lib/fun.php';
$return = array();
if (!empty($_POST['name'])) {
    $name = $_POST['name'];
    $number = $_POST['number'];
    if (empty($name)) {
        $return['result'] = 0;
        $return['msg'] = '用户名不能为空';
        returnToPage('register.php?type=login', $return);
    }
    if (strlen($number) == 0) {
        $return['result'] = 0;
        $return['msg'] = '学号不能为空';
        returnToPage('register.php?type=login', $return);
    }
    if (!is_numeric($number)) {
        $return['result'] = 0;
        $return['msg'] = '非法学号';
        returnToPage('register.php?type=login', $return);
    }
    $con = new PDO('mysql:host=localhost;dbname=smsystem', 'root', 'root');
    $con->query('set names utf8');
    $sql = "select id,name,number from user where name='{$name}' and number='{$number}' limit 1";
    $stat = $con->query($sql);
    $res = $stat->fetchAll(PDO::FETCH_ASSOC);
    if (empty($res)) {
        $return['msg'] = '该用户不存在';
        returnToPage('register.php?type=login', $return);
    } else {
        session_start();
        $_SESSION['user'] = $res[0];
        returnToPage('index.php');
    }
} else {
    $return['msg'] = '请通过POST进行提交';
    returnToPage('register.php?type=login', $return);
}
